$r = $user->Login($u, $p); if ($r['success'] == false) { $errors[] = L\get('Auth_fail'); } else { $cfg = $user->getTSVConfig(); if (!empty($cfg['method'])) { $_SESSION['check_TSV'] = time(); } else { $_SESSION['user']['TSV_checked'] = true; } } } $_SESSION['message'] = array_shift($errors); } elseif (!empty($_SESSION['check_TSV']) && !empty($_POST['c'])) { $u = new User(); $cfg = $u->getTSVConfig(); $authenticator = $u->getTSVAuthenticator($cfg['method'], $cfg['sd']); $verificationResult = $authenticator->verifyCode($_POST['c']); if ($verificationResult === true) { unset($_SESSION['check_TSV']); $_SESSION['user']['TSV_checked'] = true; } else { $_SESSION['message'] = is_string($verificationResult) ? htmlspecialchars($verificationResult, ENT_COMPAT) : 'Wrong verification code. Please try again.'; } } $coreUrl = Config::get('core_url'); if (!User::isLoged()) { exit(header('Location: ' . $coreUrl . 'login/')); } if (!empty($_SESSION['redirect']['view'])) { $viewId = $_SESSION['redirect']['view'];
echo L\get('TSV'); ?> </label> <label> <input type="text" name="c" id="c" placeholder="<?php echo L\get('EnterCode'); ?> "> <?php echo isset($_SESSION['message']) ? '<div class="alert alert-error">' . $_SESSION['message'] . '</div>' : ''; ?> <span class="icon-lock"></span> </label> <?php //dont show login button for yubikey authentication $cfg = User::getTSVConfig(); if ($cfg['method'] !== 'ybk') { echo '<input type="submit" name="s" id="s" value="' . L\get('Verify') . '" class="btn btn-info" style="margin-top: 26px;" disabled>'; } echo '<a href="/' . $coreName . '/login/auth/?l=1" style="margin-top: 30px;" class="pull-right">' . L\get('Exit') . '</a>'; } ?> </form> </div> </div> <div class="footer"> <?php echo Config::get('login_footer_text'); ?> </div>